LibRaw 0.18.11 Denial Of Service

Posted by deepcore on July 22, 2018 – 12:09 am

Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). An integer overflow error within the “parse_qt()” function (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file. An integer overflow error within the “identify()” function (internal/dcraw_common.cpp) can be exploited to trigger a division by zero via specially crafted NOKIARAW file. The vulnerabilities are confirmed in version 0.18.11. Prior versions may also be affected.

Tags: Apple, ios, osx
This post is under “Apple” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« [webapps] GeoVision GV-SNVR0811 – Directory Traversal Microsoft dnslint.exe DNS Tool Forced Drive-By Download »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

LibRaw 0.18.11 Denial Of Service

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL